njs-acme icon indicating copy to clipboard operation
njs-acme copied to clipboard

Published 20 hours ago verified publisher icon nginx

On the fly certs - no connection drop, no reload

Open jaysee opened this issue 8 months ago • 0 comments

Is your feature request related to a problem? Please describe

One the fly 0 downtime/0 connection drop SSL cert generation.

Describe the solution you'd like

Actually it is not possible to generate on the fly certs so it makes the system depends of periodics or external url triggering.

You may be aware of lua's version ssl_certificate_by_lua that works on the fly.

I know one of the limitation is coming from njs that does not allow usage of async functions in js_set, blocking on the fly generation in acme.js_cert and acme.js_key, but have you discuss this situation with nginx/njs project to be able to provide something alike ssl_certificate_by_lua (basically a js_set with async allowed) ?

Describe alternatives you've considered

ssl_certificate_by_lua but I would prefer to stick on NJS as I already have usage of it and not of lua's mod.

Thanks for your work!

jaysee avatar Jun 13 '24 09:06 jaysee